class AccountController < RootController

  after_filter :last_login, :only => [:remotelogin, :login]

  def index
    redirect_to(:action => 'signup') unless logged_in? || Friend.count > 0
  end

  def remotelogin
    return unless request.xhr?
    self.current_friend = Friend.authenticate(params[:login], params[:password])
    if logged_in?
      if params[:remember_me] == "1"
        self.current_friend.remember_me
        cookies[:auth_token] = { :value => self.current_friend.remember_token , :expires => self.current_friend.remember_token_expires_at }
      end

      render :text => _("Tuned in")
    else
      render :text => _("Try again")
    end
  end

  def login
    return unless request.post?
    self.current_friend = Friend.authenticate(params[:login], params[:password])
    if logged_in?
      if params[:remember_me] == "1"
        self.current_friend.remember_me
        cookies[:auth_token] = { :value => self.current_friend.remember_token , :expires => self.current_friend.remember_token_expires_at }
      end
      flash[:notice] = _("Tuned in")
      redirect_to(:controller => 'mind/friends', :action => 'list')
    end
  end

  def signup
    @friend = Friend.new(params[:friend])
    return unless request.post?
    @friend.save!
    #self.current_friend = @friend - do not log in, first do activation
    flash[:notice] = _("Thanks")
    redirect_to :action => 'activate'
    #redirect_back_or_default(:controller => '/account', :action => 'activate') - first do activation
  rescue ActiveRecord::RecordInvalid
    render :action => 'signup'
  end

  def lostpassword
    return unless request.post?
    @friend = Friend.find_by_login_and_email(params[:friend][:login], params[:friend][:email])
    if @friend
      FriendNotifier.deliver_lostpassword @friend, app_config
      flash[:notice] = _("Thanks")
      redirect_back_or_default(:controller => 'mind/friends', :action => 'list')    
    else 
      flash.now[:error] = _("Not right")
      render :action => 'lostpassword'  
    end
  rescue ActiveRecord::StatementInvalid
    flash.now[:error] = _("Dont exist")
    render :action => 'lostpassword'  
  end
  
  def remotelogout
    self.current_friend.forget_me if logged_in?
    cookies.delete :auth_token
    reset_session
    render :text => _("Dropped out")
  end
  
  def logout
    self.current_friend.forget_me if logged_in?
    cookies.delete :auth_token
    reset_session
    flash[:notice] = _("Dropped out")
    redirect_back_or_default(:controller => 'mind/friends', :action => 'list')
  end

#   verify :params => "activation_code", :method => "post", :only => :activate, :redirect_to => "/"
   def activate
    return unless params[:activation_code]
      @f = Friend.find_by_activation_code(params[:activation_code]) 
      if @f and @f.activate
        flash[:notice] = _("Account activated")
        redirect_to :action => 'login'
      else
        flash[:error] = _("Unable to activate")
      end
  end 

  def last_login
    self.current_friend.update_attributes(:last_login => Time.now) if logged_in?
  end

end
